Looking for a career path in Cyber Security? As a cyber security expert, you have a huge range of jobs to take control of in the government, retail, finance and many other industries. But cyber security is strictly a specialist field. It means that you can’t just start your career as a cyber security professional. You will have to do your part in general IT and then move on to security specialist positions like Penetration Tester and Security Architect. So how do you leave your general IT position for the greater good?
This page can help you out.
The transition from general IT can be tricky, which is why we made this little page to help you jump start your general IT career that can later on turned into a specialist career. We’ve listed down tips like what IT jobs to choose, what to add on your resume, how to gain useful practical experience and general tips. You’ll also find information on Hard IT skills and a number of different non-security related certifications that will give you an edge and secure your future.
Where Do You Begin?
Your Career Path Options
You can enter cyber security career paths from nearly all kinds of different angles. Whether its science, math, philosophy, history or computer science, you can build a career towards cyber security. But in order to get into a security career, you must have a deep interest in how technology works. You need to understand what are you going to protect and why things become insecure in the first place.
Start By Training In General IT
To kick start your career, take on a general IT job whether it’s an internship, apprenticeship or a full time job in IT. This should help you in understanding the fundamentals like configuring and administering systems, databases, networks and coding. You’ll also learn of general IT procedures and it applications in real business operations.
Learn To Focus On Your Interests
You can’t be a jack of all trades in cyber security. So it is essential that you focus on an interest and build from there. Many big employers advise newcomers to focus on an area that interests them the most, such as networking security. You should plan 5-10 years ahead for your ultimate career in cyber security. Once you are ready, you can start looking for any beginner level IT Jobs in the industry that should provide you with the necessary skills. You could start by joining a job as a:
- Web developer – helps in learning web security and ultimately how to develop security software
- Network administrator – helps in learning forensics and network security
- Exchange administrator – helps in learning email security
- System Administrator – helps in learning forensics and system security
Start Gaining Practical Experience
Your new IT job will give you plenty of opportunities to expose yourself to practical experience. Don’t let this pass and aim to earn as much practical experience as you can. If you are not currently in an IT position, you can still earn practical experience by taking part in guided training and self-directed learning.
What Starter IT Job Options Are Available?
Following are just some IT jobs that can help you build a career towards cyber security:
- Computer Software Engineer
- Computer Systems Analyst
- IT Technician
- Network Administrator
- Network Systems And Data Analyst
- Web Administrator
- Computer Programmer
- Computer Support Specialist
- Database Administrator
- IT Technical Support
- IT Customer Support
- Network Engineer
- System Administrator
Note: Not all of these positions will give you knowledge on cyber security. There are some positions that expose you to practical cyber security experience. It is a good idea to talk to your network or a hiring agency about the possibilities of learning cyber security fundamentals during your general IT job.
How To Build An Effective Cyber Security Resume
Who Is The Ideal Cyber Security Candidate In The Eyes Of Hiring Agencies?
An ideal cyber security candidate should possess a balance of soft and technical skills. When it comes to technical skills, employers want:
- Exposure to day to day operations – such as server equipment, networks, enterprise storage, applications, users, physical security and more.
- IT Fundamentals – such as database management, system administration, web applications, networking and more.
When it comes to soft skills, employers want:
- Someone who knows how to work in a team based environment and someone who can talk properly with non-IT co workers and clients
- Someone who properly understands the procedures and process of businesses
- Someone who loves solving complex problems and puzzles
What A Perfect Resume Should List?
A College Degree
A college degree isn’t mandatory to begin a career in cyber security, however, it is a huge plus point. A college degree means that you already have learnt important and necessary skills in project management, writing, communication and business. These skills are massively useful in any cyber security profession. Also having a degree means that it will be easier for you to land a management position with an employer. In fact, some employers are now making it necessary for you to hold a degree in order to be considered for a job. You can choose a degree and learn more about how it will affect your interview and hiring potential.
Job Experience In The Relevant Field
If you’ve ever held a position in general IT, list it down. If your job position exposed you to cyber security, clearly add it next to your experiences. This can include volunteer work, apprenticeships and internships. If you plan to go for a cyber security in the government, you are expected to have some experience in law enforcement or military.
Relevant IT Certifications
Employers are always looking for someone who has a relevant IT certification/s. You should be able to provide a certification with proof of your real world experience to boost your potential. You can choose cyber security certifications on our security certifications page.
Achievements In Relevant Field (general IT)
If you have ever had an achievement in general IT, list it down if you think your employers will be interested. Anything from winning cyber security contests to scholarships or certificates can work.
Hard IT Skills
Some of the most useful Hard IT Skills that are definitely a boost to your resume are covered in a section below.
Gaining Practical Cyber Security Experience
- Do side projects with your cyber security certification exams that utilize the skills you are learning
- Try to help your employer or professor with any security related issues
- Try taking training courses. Many are available through SANS
- Go for a free online training course in cyber security (MOOCS)
Volunteering and Networking
- Get in touch with peers playing Wargames and CTF
- Volunteer for cyber security conferences
- Work with a nonprofit organization by volunteering to do IT and security related tasks
- Join security organizations, get in touch with LinkedIn groups or join a professional network
- Make your way to the Local Security Group Meetings and Events
- Work together with a team working on any cyber security project in school or at work
Self Directed Learning
- You could try teaching yourself to code using free online resources
- Build or work on an open source project
- Find vulnerabilities on an open source projects or sites that offer bug bounties. Don’t forget to document your findings, work and solutions.
- Take part in training games and contests in cyber security
- Build a wireless router with firewall
- Build a network switch
- Practice trying to secure your computer and then attempt to hack it
- Build your own system at home
- Subscribe to IT related magazines, news sites, read books, blogs or email alerts
- Keep visiting cyber security forums like Information Security Stack Exchange
- Run a self background check to see if there are any issues. Find solutions to fix those issues. You need to be ethical if you want a career in security
- Save useful cyber security websites. Keep visiting them regularly
Learning Useful Skills And Finding Useful Certifications
Must Have Hard IT Skills
While going through practical experience in cyber security while on an IT job, consider acquiring some Hard IT skills. These skills are highly recognized and in full demand with a lot of big employers. But before you start working on a skill, it is a good idea to talked to experienced individuals like senior students, professors, colleagues etc because the technologies in IT and security are constantly evolving at an alarming level.
Here are the Hard IT skills you should be aiming to add to your professional experience:
- Computer networking, switching and routing, TCP/IP
- Firewall and intrusion detection and prevention protocols
- Load balancer, Proxy Server Knowledge
- Packet Shaper
- Packet analysis and Network protocols
- Network or system configuration
Coding and Programming
- Java, C#, C, C++
- Regex skills
- Assembly language and disassemblers
- Ruby, PHP, Python, Perl or Shell or both
- Linux/MAC Bash shell scripting
Operating Systems And Database Management
As mentioned earlier, cyber security careers are specialist careers. At one point in your career, you will have to specialize in a field. Here are the various specializations available:
- Cloud computing
- Cisco networks
- Microsoft technologies
- Open source applications
- Database modeling
You can gain experience in these fields by getting into self directed learning or guided training (covered above) or you could also volunteer for tasks related to cyber security or collaborate with mentors.
Non-Security IT Certifications That Can Help
Before taking on any hardcore security certifications, you should check the following certifications. These acronyms below are very popular with many IT or security professionals. You can often see these with their profiles. The certifications listed below are just some of the ones that can help. There are plenty more out there which you can find out by visiting forums or talking to professionals.
One of the most common beginner certification for IT professionals, especially those who are in IT support and IT technician positions. The exams include maintenance of PCs, operating systems, mobile devices, laptops and printers.
If you aim to work with companies like Lenovo, Dell and Intel, you’ll need to have this certification. CompTIA A+ is also recognized by the Department of Defense (DoD). Follow Up courses include Security+ and Network+.
Information Technology Infrastructure Library (ITIL) Foundation
ITIL, as the name suggests, covers the best practices of ITIL. The foundation course is the basic most level which is often seen on many job requirements.
The exams of the course will test candidates in key elements such as terminology and concepts used in ITIL service lifecycle. These include links between the processes used, lifecycle stages and the contribution they have in service management practices. This foundation course is worth investing into especially if your employer is using ITIL processes to handle the services they provide to both internal and external clients.
Project Management Professional (PMP)
Meant for mid level project managers. Interested candidates who do not have a bachelor’s degree should have at least 5 years of experience in project management to take the course. For candidates holding a bachelor’s degree, the experience required is 3 years.
Those who have completed this course has shown time and time again that they possess the necessary knowledge and skills to handle teams. This course isn’t mandatory but it can definitely help you out in the resume department. It could even lead to increased salary.
VMWare Certified Professional 5 – Data Center Virtualization (VCP5 – DCV)
This is one of the most expensive certifications available but it is completely worth it especially if you are interested in virtualization. In order to pass the foundation level of the certifications, candidates are required to demonstrate real world experience with VMware technologies. They are also expected to complete a VMware authorized training course that leads to a final exam which must also be cleared. Once completed, you will have the ability to instal, monitor, deploy, manage and scale VMware vSphare environments.
Once you obtain this certification, you can go for the advanced version known as VMWare DCV Certification.
Cisco Certified Network Associate (CCNA) Routing and Switching
One of the most popular and go to certification for anyone who is an entry level specialist or network engineer working with Cisco technology routers and networks. CCNA holders display abilities such as installing, configuring, operating and troubleshooting any medium sized switched and routed networks.
This certification can easily be compared to CCNA Security which revolves around core security technologies, availability of data, confidentiality and competency in various technologies used by Cisco in their security structure. Once completed, or if you are an experienced individual, you can go for Professional and Expert levels of the certification.
This is the second in CompTIA’s threefold security qualifications. These include CompTIA A+ and CompTIA Security+. Network+ tests the individual’s knowledge of data networks. It is an ISO-17024 compliant certification. Date network knowledge includes installing, building, maintaining, protecting and operating networking systems.
This certification is often highly recommended for technicians, installers and network admins.
Microsoft Certified Solutions Expert (MCSE)
If you work in a company that uses Microsoft technologies, then you cannot ignore Microsoft Certificate Solutions Associate and Microsoft Certified Solutions Expert certifications. Before moving to MCSE, you’ll have to go through and complete the MCSA certification.
This certification is extremely well reputed in the industry. MCSE shows a professional’s ability to deploy, build, operate, optimize and maintain Microsoft based computer systems. There are nine paths in the MCSE to choose from. A few of them include private cloud, server infrastructure and sharepoint.
Red Hat Certified Architect (RHCA)
Like Linux? Want to become an expert? Don’t look any further than RHCA. This is one of the most challenging and tough to obtain qualification within the RHCA. To get the RHCA status, you need to be a Red Hat Certified Engineer and must pass a minimum of 5 exams. You will also have to demonstrate your knowledge and skills in performance based tasks. For newcomers, RHCAS and CompTIA Linux+ is recommended before moving into this certification.
Latest posts by Jake Ciber (see all)
- USA Muni market is slowly paying attention to cyber risks - June 15, 2017
- The cybersecurity industry will face massive worker shortfall by 2022 - June 8, 2017
- Is cybersecurity a threat to our interconnected future? - May 22, 2017